FTP from PHP between instances of EC2

Recently I had to configure the FTP connection between 2 instances of EC2, which can be quite complicated if we do not consider several points.

The main thing is to understand that the connection between 2 instances of EC2 is a connection that is made between 2 servers protected by a firewall, which also probably work with an internal IP, and use a public IP associated with your VPC.

Problems with the FTP protocol

Most FTP problems are design flaws of the protocol itself (due to its age), and cannot be easily solved.

When we work with FTP in this type of environment we have to take into account two important aspects:

Passive mode

To connect between machines protected by firewalls, passive mode is used, in which the server tells the client which port to use for the data connection.

In the instance that contains the FTP server, we must create a Security Group that allows connection to a high range of ports (for example, from 10,000 to 15,000).

Also, in the FTP server that we are using, we must configure the same range of ports as ports to be used for passive connections, so that all passive connections are made against the ports we have opened.

On the client side, we must indicate that the connection is passive, and depending on how we are connecting, we may have to send a PORT command indicating the public IP.

The connection IPs

When a passive connection is made, it is the client who initiates the data connection with the server.

Depending on how the client connects and on the type of connection or VPC that we are using, it may send the private IP instead of the public IP, in which case communication with the server will not be possible.

This can be solved by forcing the public IP address with a PORT command, just after starting passive mode.

FTP connection

Although the connection from PHP is in principle exactly the same as any other type of connection, in PHP we can do it in a simpler way with the functions that the language itself incorporates.

In the following example you can see a fully functional connection script in PHP:

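<?php
// Show errors while testing; turn this off in production.
ini_set('display_errors', 1);

// Public IP of the instance that runs the FTP server.
$conn_id = ftp_connect('54.54.54.54');
if ($conn_id === false) {
        exit("Could not connect to the FTP server\n");
}
if (!ftp_login($conn_id, 'username', 'password')) {
        exit("FTP login failed\n");
}

// Ignore the IP returned in the PASV reply and reuse the address given to ftp_connect().
ftp_set_option($conn_id, FTP_USEPASVADDRESS, false);
// Turn on passive mode (only valid after a successful login).
ftp_pasv($conn_id, true);

$l = ftp_nlist($conn_id, ".");
// ftp_nlist() returns false on failure; an empty directory is not an error.
if ($l === false) {
        print_r(error_get_last());
}
var_dump($l);
ftp_close($conn_id);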

The two important instructions in the script are those that use the functions ftp_set_option and ftp_pasv, which is where we indicate the way we are going to make the connection.

Setting the option FTP_USEPASVADDRESS to false makes PHP ignore the IP that the server tells us (which may be incorrect) and use the IP of the connection directly (which is the correct one).

The ftp_pasv function turns on normal passive mode.

With these two options, it is possible to connect without problems even if we are connecting between instances separated by a firewall and using NAT to connect.
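The address selection described above, as an added example that is not part of the original post: it parses a PASV reply the way an FTP client does and shows which data endpoint results with FTP_USEPASVADDRESS on and off. Discarding the advertised address also keeps a misconfigured or hostile server from pointing the data connection at a different host. The function names, the sample reply and the 10000-15000 range check are assumptions made for illustration.

```php
<?php
// Added example, not from the original post. Replies and IPs are constructed.

/** Parse "227 Entering Passive Mode (h1,h2,h3,h4,p1,p2)" into [ip, port]. */
function parse_pasv_reply(string $reply): ?array
{
    $octet = '(\d{1,3})';
    $pattern = '/^227 .*?' . implode(',', array_fill(0, 6, $octet)) . '/';
    if (!preg_match($pattern, $reply, $m)) {
        return null; // not a well-formed PASV reply
    }
    $n = array_map('intval', array_slice($m, 1));
    if (max($n) > 255) {
        return null; // every field is a single byte
    }
    return [implode('.', array_slice($n, 0, 4)), $n[4] * 256 + $n[5]];
}

/**
 * Choose the endpoint for the data connection.
 * $usePasvAddress mirrors FTP_USEPASVADDRESS: when false, the advertised IP
 * is discarded and the address of the control connection is used instead.
 * $minPort/$maxPort are the passive range opened in the Security Group.
 */
function data_endpoint(
    string $reply,
    string $controlIp,
    bool $usePasvAddress,
    int $minPort = 10000,
    int $maxPort = 15000
): ?array {
    $parsed = parse_pasv_reply($reply);
    if ($parsed === null) {
        return null;
    }
    [$advertisedIp, $port] = $parsed;
    if ($port < $minPort || $port > $maxPort) {
        return null; // the firewall would drop this data connection
    }
    return [$usePasvAddress ? $advertisedIp : $controlIp, $port];
}

// Constructed reply from a server behind NAT: private IP, port 46*256+224.
$reply = '227 Entering Passive Mode (10,0,1,25,46,224)';
var_dump(data_endpoint($reply, '54.54.54.54', true));  // server-advertised IP
var_dump(data_endpoint($reply, '54.54.54.54', false)); // control-connection IP
```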

 

Should I change to a VPS?

Those of us who work on the web accumulate, over time, small websites that we maintain with different cheap hosting providers. They are products for which we do not charge much because they do not require much maintenance either, and they simply “are there”.

Over time, and as the number of websites we keep increases, we reach the million-dollar question: Should I switch to a VPS?

The advantages of having a VPS

If you have an average number of websites (say 8 or 10), having them hosted on your own VPS gives you a series of undeniable advantages:

  • Lower total cost than using separate hosting accounts.
  • Better use of resources, since the resources that one website does not use are available for the others.
  • Greater ability to adapt the configurations to our liking.
  • All resources of the VPS are at our disposal, unlike in normal shared hosting.
  • The Internet is full of manuals to do the things we need.
  • Better options to expand resources if we outgrow them.

The disadvantages of having a VPS

When you start using your own VPS, you realize that all that glitters is not gold, because having your own VPS also has disadvantages:

  • It is essential to have knowledge in systems administration.
  • If you do not want to pay a high price, you will use a GNU/Linux VPS, which forces you to know GNU/Linux.
  • Normally you will use a control panel (such as Cpanel, Plesk or VestaCp), which may have an associated cost.
  • You must know and manage that control panel to avoid problems.
  • If you want to have total freedom, you can choose not to use a control panel, but then you must be a good administrator.
  • You have to take care of things like backup copies, save the logs, etc.

Then what do I do?

The main problem with using a VPS is that you have to know how to handle it. If you are willing to learn to do it, you will find many advantages. If you do not have time or desire, better not even start because in the end you will regret it.

If your motivation is just to save money, most likely you will end up fed up with the hassle. If you see it as a way to learn, improve and optimize, it’s not a bad idea.

Which VPS provider do you recommend?

I work mainly with 3:

All are cheap, and all are good, but do not stop comparing before deciding.

 

What is AWS SNS?

Within Amazon Web Services, SNS is one of two services that deal with sending notifications.

SNS stands for Simple Notification Service, and is the name that best defines its function: sending notifications to subscribers quickly and reliably.

How does SNS work?

SNS is a completely unattended and managed service, which operates in high availability, and in a safe and durable manner.

The main advantage of SNS is that we do not need to know anything about its structure or operation, since it is designed so that our only job is to integrate our application with the SNS API, and SNS is responsible for all message distribution work.

In its most basic structure, we only need to create a Notification Topic (a subject on which we want to send messages, such as “Errors”, to warn of system errors), and to subscribe the endpoints that will receive the notification. These endpoints can be of different types:

  • HTTP
  • HTTPS
  • Email
  • Email-JSON
  • Amazon SQS
  • Application
  • AWS Lambda
  • SMS

What are the costs of SNS?

SNS is a service designed for the mass sending of messages that, like the rest of AWS services, has a very low cost, based on the volume of messages sent.

In addition, the AWS free tier for SNS includes the first million messages, which will be more than enough for basic uses of the service.

It is important to clarify that sending messages via SMS does have a different cost (each SMS sent is charged), due to the characteristics of this type of service.